Uber Paid Man to Keep Breach Secret

Share

A Reuters report citing sources familiar with the matter claims that a 20 year-old from Florida was responsible for Uber's 2016 data breach.

Even if a company manages to contain and handle a data breach, it has a duty to report it to regulators, which Uber appears to have failed to do, aiming for a cover-up rather than mea culpa. A new report from Reuters says that a Florida man, 20, was behind the massive hack.

Reuters' sources said that ex-CEO Travis Kalanick was aware of both the breach and payment when he led the company. He stepped down as Uber CEO in June and has taken a vow of silence too.

The ride-hailing app paid the man, whose identity is still unknown, and an anonymous accomplice to delete the data through a "bug bounty" programme, according to Reuters.

This is a bit unusual, as such bug bounty schemes are used to reward white hat hackers for discovering software vulnerabilities, and often the companies hosting them will trumpet the success and number of payouts they've made as an example of how strong and stable their code has become.

Nia Sharma becomes the second sexiest Asian woman
She has beaten a plethora of the most stunning A-list Bollywood divas including Deepika Padukone and Katrina Kaif. This honour has made this year even more great for the actress who is on a successful run this year.

Majority of voters disapprove GOP tax plan, says helps wealthy
Two new polls released Tuesday found that the GOP tax bill was deeply unpopular with the American public . Support is low across all income brackets and economic classes.

Snow likely in Friday forecast
With just 20 days until Christmas, the First Alert 5 team is already tracking our chances to see snow when the big day arrives. Next week brings some uncertainty with how many times cold air works its way into the area as well as how cold it will be.

Uber also then conducted a forensic analysis of the hacker's machine to make sure the data had been purged, the sources reportedly said. The hacker further paid a second person who offered his services in accessing GitHub to obtain credentials for accessing Uber's data.

Uber received an email previous year from an anonymous person demanding money in exchange for user data, and the message was forwarded to the company's bug bounty team in what was described as Uber's routine practice for such solicitations, according to three sources familiar with the matter. Hackers and security researchers are typically paid thousands of dollars for bugs they find, depending on their severity.

Uber had not responded to Silicon UK at the time of writing.

Mr. Khosrowshahi learned of the incident after becoming Uber's chief executive in August, and he's since terminated two employees implicated in its response, Joe Sullivan, Uber's former head of security, and a deputy, attorney Craig Clark.

Last week, three more top managers in Uber's security unit resigned.

Share